Xeta Group
Fundamentals of Cybersecurity
Security 301

SEC301: Cybersecurity Fundamentals - Course Transcription

Susanna Song [00:00:00]

All right. It's the top of the hour and I see more attendees trickling in and that's okay. Welcome to Overwatch University. You are enrolled in Security 301 Fundamentals of Cybersecurity. My name is Susanna Song. I'm the Director of Marketing and Communications at High Wire Networks. Overwatch, in case you don't know, is High Wire's Cybersecurity Platform-as-a-Service, and we recently launched Overwatch University and invited all of you as a way to give back and to give our partners and our Field Techs and Engineers an opportunity to upscale and perhaps jump start a security career because, as you are all aware, one of the biggest business problems in cybersecurity is a talent shortage. Now if that's not in your career trajectory, that's okay because these courses will provide you with a greater awareness of security to better serve your customers.

We are so excited about this. This is a free course as you know, and it's valued at more than $2,000. I actually need to send several people away because the class filled up so quickly. The first half hour of this will be instructional and we hope that the latter half we can kind of engage all of you and have a good discussion of Q&A session. Of course, this is in webinar mode. So your audio is muted. So the way to do this is to take advantage of the Q&A button. We will also record this in case you're wondering and offer a certification exam for CPE credit. I know some of you asked about that and we can certainly offer CPE credit and I'll get into that after the class is over. I'll have a short time at the very end to explain what happens next. So without taking up any more time let me introduce you to Stan Herring. He is a Director of Product and Strategy at High Wire Networks and he will be teaching this course. Stan has a passion for solving business problems and creating value for the companies he serves. He's had 35 years of business and product experience, founded and exited multiple technology startups, and developed hardware, software and service products for many companies. For fifteen years he's focused on building cybersecurity products and services to include firewalls, SIEM, biometric authentication, physical security, IoT, managed security services and network automation. So he's done a lot. He knows a lot. You guys are all in good hands for the next hour. Stan, thank you so much. I know you're busy, but you graciously volunteered this hour and we're excited to hear what you have to share.

Stan Herring [00:02:55]

Oh, thank you Susanna. I hope you can hear me okay? Thanks for introducing me. And again, my name is Stan and I'm glad to have a full class today. I sure thank you for joining. It's been a fun afternoon. This is our third class today. I also want to thank our sponsor Overwatch Managed Security making these classes available to anyone and for free. I'll be your instructor today and I want you to know there'll be three of us that are providing these classes. Each week there'll be a different one. Our CISO Phil Burnett and David Barton our CTO will be doing classes. We'll all take rotations doing these classes and I just want you to know that all three of us are hands-on people. We've been in the trenches in cybersecurity for many decades, we're veterans with lots of battle scars and you're going to get some real world experience.

Stan Herring [00:04:07]

Now today you're probably not going to get a lot of technical experience. But you're going to get a synopsis of how cybersecurity got to where we are today. Some of the good and some of the bad choices that the industry's made along the way and how we can do a better job as we move forward. Like Susanna said we're going to have some time at the end of the class for questions and answers. So let's begin by looking at why or why seems that we can't keep businesses safe from cyber threats and what we can do about it.

Stan Herring [00:04:49]

So I think we need to start with a phrase that I hope you can keep in your mind throughout this whole presentation because this is the most important thing I want you to get today and it's at the top of this screen. You see it's not about better technology, it's about reducing business risk. That's what cybersecurity is all about. You know for a long time we've made it about technology but going forward we have to start addressing reducing business risk.

Stan Herring [00:05:44]

Oops, excuse me. So if we look at who's on this call today and then on these calls earlier today, several of you in this class are more than likely business owners and like other businesses of all types are actually having to address risk in their business and for the most part most businesses are responsible. They act responsibly to reduce risk and liability. They do the right things and most businesses buy liability insurance to reduce financial risk.

Stan Herring [00:06:31]

You know, if you're looking at the screen, you know cybersecurity is about the number one item of the top five business risks for 2020. The problem lies in the fact that when it comes to cyber related risks, most businesses, even though they do a nice job on the other types of business risk, they don't do such a good job on reducing cybersecurity risk. It just makes me think that we have a problem and it's a problem of perception of what cyber risk is. It's interesting if you look at I guess pretty much any business in the world today most and I mean most of us almost comical, how deep technology and internet is embedded in every aspect of every business. Almost every employee in every business touches and connects to the internet. Everything they touch connects to the internet and the apps that we use are way off in the cloud somewhere. I mean, if you think about it even mundane things like a postage meter has to connect to the internet these days. So if you think for a second about what's at stake when a business is hit with a security breach like ransomware. I mean, if you see the screen in front of you you got lawsuits, business interruption, loss of revenue, customers that you lose and more importantly, you know damage to the business's reputation. I mean it takes, you know, a lot of these people spent a hundred years building a reputation and it can be wiped out in a flash with a security breach.

Stan Herring [00:08:42]

And something else that's a real risk for these businesses that I'm going to talk a good bit more about later is large fines from the different compliance programs like HIPAA or PCI or GDP. That can happen or if they can find something to get assessed with from these different compliance programs. So there's a lot at risk for anybody within the security space to reduce risk around cybersecurity. So why is it that businesses perceive and respond to cybersecurity risk different than they do other risk?

Today about 70% of business owners know that the risk of a cybersecurity breach is more than 50/50. For a small business the risk of a breach at this point in time is about 50/50 and it's growing at an alarming rate. They've gone from 43% to down to 50%. About 43% of cyberattacks overall are aimed at small businesses but according to statistics only about 14% of small businesses are actually prepared to defend themselves. So that means 86% know they are not equipped to handle a breach.

Stan Herring [00:10:13]

Another interesting fact is that 62% to 64% of small businesses have no type of cyber insurance. All of that's alarming and you know as security professionals, you know, this steps right on our jobs. I mean, this is what we're out here to do is protect these businesses. So I want to back up just a little bit. I want to talk about the kind of the evolution and we'll talk about how we got to where we are today. If we go back to the 80s, cybersecurity didn't amount to a lot and I mean it was mostly just antivirus we were putting on our computers and you know that was enough because most of us were just on AOL dial-up back then. So yes, we rocked along and came up to the mid-eighties. We got some enhancements with those antivirus programs, but it didn't take but you know literally weeks for hackers to kind of find their way around that.

Stan Herring [00:11:32]

But we rocked along to the 90s and as the internet became much more prevalent. We got high-speed network connections and you know kind of watched the dial-up stuff go away and people started installing firewalls. At that particular time, most businesses were implementing websites, most smaller businesses especially didn't have websites up until that point and most of the security concerns were in how to protect those websites. Then as we go on to the 2000-2010 area one of the things that was very prevalent in that period as well the time when I was totally involved in this particular type of security. Wi-Fi began to reach mass deployment, so the typical network, you know, left the building so to speak so, you know, Wi-Fi broadcast way outside the walls of, you know, the physical network. So there was a lot of breaches, people sitting in the parking lot connected to the internet and you know hacking point-of-sale systems and all sorts of things.

Stan Herring [00:12:50]

If we go all up to the back the last ten years, you know all the cloud and virtualization technologies have begun to reach scale, network security or cybersecurity is being pushed to expand further and further into new areas and new types of things to exploit like IoT and all sorts of things. Then of course the explosion and cloud-based applications and you know, just the overall number of breaches. To address all these different things that are happening the industry has taken the approach that every time something pops up we'll just create another point solution to try to put that fire out. Today we have over a thousand, somebody told me 1700, but I'm afraid to use that number, but I know there's over a thousand security-related point solutions and on your screen here, you'll see a small amount of them. I can't get all of them on the slide, but you know, that's a lot of point solutions and I'll call your attention to the quote over there by Reliaquest, which last year did a study on point solutions and they said that you know the rapid increase in new cybersecurity tools limits their return on investment and it increases the risk of cyber threats. The report discovered that there is a security tool tipping point where the number of cyber solutions becomes overwhelming and actually increases the level of risk. I have certainly experienced that in my time in the security industry, you know, we keep throwing more technology to address single problems as they pick up and it becomes overwhelming. Becomes absolutely overwhelming. That in itself pushes us to another issue of which is that in addition to the cost and complexity of these cybersecurity tools the threats have grown as fast as the tools that we're trying to put the fire out with.

Today we're seeing a huge uptick in the number of people needed to provide cybersecurity and a lot of that is caused by this, you know, having to manage so many tools and we just keep throwing technology at these problems. To actually go a little further into that idea, according to our research, you know today across the United States, just the United States we have over 800,000 people employed in cybersecurity. You know, these aren't low-end jobs. I mean the average job out there as a cyber professional, is an average annual salary of $123,000. There's about, well I said 500,000, actually as of last week when I checked there are 498,498 jobs available in the cybersecurity field for professionals just to meet the demand we have today. So if we could meet the demand we would have 1.3 million people out there trying to keep businesses secure.

Stan Herring [00:17:01]

This cost and scarcity of qualified personnel in itself has created risk because businesses that need professionals to make this work can't find them and if they could find them they can't afford them. So it puts them at risk and to remedy that most small to mid-sized companies turn to MSPs. The MSP has more scale and can spread that cost across, you know, multiple businesses, but the MSPs can't find those even if they can afford them, they can't find those cybersecurity people, especially in the smaller markets. That's a huge opportunity for MSPs, but one that in certain areas is extremely hard to address.

Stan Herring [00:17:52]

So if we take our journey through this whole thing, you know this whole journey of how we've gotten to where we are and we've seen all these you know, how we've grown into all these breaches and risk and all the different things that we've done to correct them. Probably the thing that's had the most influence on that has been compliance. Security breaches are growing at the fastest rate ever and it doesn't matter what type of business or other entity, whether it's private sector or public sector or whatever. Every type of business has a specific mandated compliance standard that they have to meet, you know, all these are controlled by the organizations that regulate them. Most of these standards have significant penalties for failure for these businesses to comply and on top of that, you know, every couple of years a new version of those compliance programs comes out and each time they get a little more sophisticated or they're asking for a little bit more information and asking for money controls. Compliance programs come about as a response to security and it's created an enormous amount of tools in itself that even further burden on businesses. Services such as you know onsite auditors, compliance assessors, you got technical validation tools like vulnerability assessment, penetration tests, and patch management tools. Most of you I'm sure you're familiar with a lot of these compliance programs. PCI is probably one of the most common and it's absolutely required for everyone who accepts a credit card. Any business that accepts the credit card has no choice, but to meet PCI compliance if they don't they

Additional Resources
Cybersecurity Fundamentals – Introduction to Cybersecurity
Adoption of the Internet by businesses and enterprises has made mobile banking, online shopping, and social networking possible. Whilst it has opened up a lot of opportunities for us, it's not altogether a safe place because its anonymity also harbors cybercriminals. So, to protect yourself against the cyber threats of today, you must have a solid understanding of cybersecurity.

The history of Cybersecurity

About forty years ago, words like worm, virus, Trojan horse, spyware, and malware weren't even a part of conventional information technology (IT) vocabulary. Cybersecurity only came into existence because of the development of viruses. But how did we get here?

The history of cybersecurity began as a research project. In the 1970s, Robert Thomas, a researcher for BBN Technologies in Cambridge, Massachusetts, created the first computer "worm". It was called The Creeper. The Creeper infected computers by hopping from system to system with the message "I'M THE CREEPER: CATCH ME IF YOU CAN." Ray Tomlinson, the inventor of email, created a replicating program called The Reaper, the first antivirus software, which would chase Creeper and delete it.

Late in 1988, a man named Robert Morris had an idea: he wanted to test the size of the internet. To do this, he wrote a program that went through networks, invaded Unix terminals, and copied itself. The Morris worm was so aggressive that it slowed down computers to the point of being unusable. He subsequently became the first person to be convicted under the Computer Fraud and Abuse Act.

From that point forward, viruses became deadlier, more invasive, and harder to control. With it came the advent of cybersecurity.

Cybersecurity Fundamentals | Understanding Cybersecurity Basics

What is cybersecurity?

Cybersecurity is the body of technologies, processes, and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.

The term cybersecurity refers to techniques and practices designed to protect digital data: the data that is stored, transmitted or used on an information system. After all, that is what criminals want: data. The network, servers, and computers are just mechanisms to get to the data. Effective cybersecurity reduces the risk of cyber-attacks and protects organizations and individuals from the unauthorized exploitation of systems, networks, and technologies.

Robust cybersecurity implementation is roughly based around three key terms: people, processes, and technology. This three-pronged approach helps organizations defend themselves from both highly organized attacks and common internal threats, such as accidental breaches and human error.

Because attacks evolve every day as attackers become more inventive, it is critical to properly define cybersecurity and understand cybersecurity fundamentals.

Why is cybersecurity important?

Listed below are the reasons why cybersecurity is so important in what's become a predominantly digital world:

  • With each passing year, the sheer volume of threats is increasing rapidly. According to the report by McAfee, cybercrime now stands at over $400 billion, while it was $250 billion two years ago.
  • Cyber attacks can be extremely expensive for businesses to endure. In addition to financial damage suffered by the business, a data breach can also inflict untold reputational damage.
  • Cyber-attacks these days are becoming progressively destructive. Cybercriminals are using more sophisticated ways to initiate cyber attacks.
  • Regulations such as GDPR are forcing organizations into taking better care of the personal data they hold.

Because of the above reasons, cybersecurity has become an important part of the business and the focus now is on developing appropriate response plans that minimize the damage in the event of a cyber attack. But an organization or an individual can develop a proper response plan only with a good grip on cybersecurity fundamentals.

Now that we know what cybersecurity is and why it is important, let's take a look at the fundamental objectives of cybersecurity.

The CIA Triad

Confidentiality, integrity, and availability, also known as the CIA triad, is a model designed to guide companies and organizations to form their security policies. Technically, cybersecurity means protecting information from unauthorized access, unauthorized modification, and unauthorized deletion in order to provide confidentiality, integrity, and availability.

Let's explore these components and some of the information security measures which are designed to assure the safety of each component.

Cybersecurity Fundamentals – Confidentiality

Confidentiality is about preventing the disclosure of data to unauthorized parties. It also means trying to keep the identity of authorized parties involved in sharing and holding data private and anonymous. Confidentiality is often compromised by cracking poorly encrypted data, man-in-the-middle (MITM) attacks, and the disclosure of sensitive data.

Standard measures to establish confidentiality include:

  • Data encryption
  • Two-factor authentication
  • Biometric verification
  • Security tokens

Cybersecurity Fundamentals – Integrity

Integrity refers to protecting information from being modified by unauthorized parties. It is a requirement that information and programs are changed only in a specified and authorized manner. Challenges that could endanger integrity include turning a machine into a "zombie computer" and embedding malware into web pages.

Standard measures to guarantee integrity include:

  • Cryptographic checksums
  • Using file permissions
  • Uninterrupted power supplies
  • Data backups

Cybersecurity Fundamentals – Availability

Availability is making sure that authorized parties are able to access the information when needed. Data only has value if the right people can access it at the right time. Information unavailability can occur due to security incidents such as DDoS attacks, hardware failures, programming errors, and human errors.

Standard measures to guarantee availability include:

  • Backing up data to external drives
  • Implementing firewalls
  • Having backup power supplies
  • Data redundancy

All cyber attacks have the potential to threaten one or more of the three parts of the CIA triad. Confidentiality, integrity, and availability all have to work together to keep your information secure. So it's important to understand what the CIA triad is and how it is used to plan and implement a quality security policy, while understanding the various principles behind it.

How much do cybersecurity jobs pay?

With the widely reported success of massive global cyber-attacks, like WannaCry and Adylkuzz, companies are paying more than ever to land highly qualified cybersecurity professionals to secure their most vulnerable assets. The average salary range for top cybersecurity job roles falls between $100,000 and $210,000.

About Overwatch by High Wire Networks

Overwatch by High Wire Networks simplifies cybersecurity by delivering end-to-end protections for an organization's networks, data, endpoints and users as an affordable subscription service with predictable costs and no capital outlay. Customers get instant access to a scalable, future-proof security platform, including a 24/7 security operations center (SOC).